Prove secures data in their cloud SaaS apps with Nightfall
Prove is a mobile cloud identity provider that serves businesses across a wide range of industries like finance, retail, and healthcare. Prove’s customers offer applications for mobile banking, shopping, and more, and they rely on Prove to accurately and safely authenticate users. Because Prove handles sensitive data like personally identifiable information (PII) and credentials, the Prove infosec team adheres to strict internal data security policies and procedures to securely manage data. Nightfall’s cloud data loss prevention (DLP) helps Prove ensure that sensitive information is not inadvertently proliferated or exposed in the course of running their business.
Securing internal SaaS apps with DLP
Keith Rella is the Director of Information and Security at Prove. His team is responsible for a complex set of security requirements for Prove’s mobile cloud identity services: confidentiality, integrity, availability, auditability, and authentication. Keith’s team also must ensure that internal governance, security engineering, and security operations run at optimal levels.
Prove’s internal business operations run almost entirely on SaaS applications. And given the nature of their business, Keith’s infosec team wants to ensure that their customers’ sensitive data is not inadvertently stored in cloud apps where it should not be. The challenge comes from finding and tracking data as it moves around the cloud. “We don’t have an in-house data center where we can decrypt traffic, sniff it, read it, monitor it, and then encrypt it,” Keith says. “We have a few physical data centers and AWS accounts, but [without Nightfall] we have no way to get our arms around data loss prevention in the current SaaS platforms we’re using.”
Keith’s team wanted an easy-to-use, modern solution to help them protect information from improper exposure across their SaaS ecosystem. The main concern for Prove was securing information in the apps that are most broadly used or which are most likely to contain sensitive data: Slack, GitHub, Jira, and Confluence. Nightfall’s pre-built integrations provided the simple yet comprehensive approach they were looking for.
Providing seamless and frictionless security functionality
Keith’s team had two main requirements for a sensitive data protection solution. First, the new technology had to be seamless to integrate and frictionless for the end user. Next, the solution had to work in harmony with their existing endpoint security solutions. Nightfall’s pre-built, direct integrations made it easy for Prove to add another layer of data protection to their existing security stack.
“For us, endpoint security is a separate function, so Nightfall complements all the other functions of our security operations, whether it’s a web application firewall or endpoint protection,” says Keith.
Nightfall’s data discovery and classification engine also outperforms other options that Prove’s infosec team considered, such as a CASB. For Prove’s internal end users, Nightfall is virtually invisible and provides all the benefits of cloud-native DLP that the infosec team needs — without the invasive deployment and additional authentication layers that a CASB would require.
Along with the always-on security that API-driven DLP provides, Nightfall also helps the Prove infosec team to educate end users on why protecting sensitive data within SaaS environments makes a big difference for the company. “I recently gave a quick presentation explaining to our developers why they should not hard code any credentials or keys into code that goes in our repositories, including SDKs,” Keith says. “Using Nightfall helps us get the message across to both end users and software engineers about best practices and how to reduce risk when communicating or developing code.”
Policies, protection, and detection: a full-service security solution
DLP does a lot more for Prove than just identifying at-risk sensitive data. As a policy-driven organization, Prove uses Nightfall as a way to automatically enforce data security protocols throughout their SaaS infrastructure — which means they are respecting their customers’ requirements and trust.
“For us, DLP means added protection and detection,” Keith says. “As Nightfall protects sensitive customer data that could exist in our SaaS platforms, this makes our customers feel safer and gives them another reason to do business with us.”
Nightfall simplifies data security for Prove. Keith’s team has instant visibility into data at risk in their internal SaaS systems, which means they can eliminate the risk of exposure. “If there is ever an incident involving data loss, Nightfall helps us narrow down the [risks] and helps us remediate,” Keith says. “With Nightfall, the Prove infosec team can take the appropriate actions to ensure sensitive data is never at risk, both internally and for our customers.”
“Nightfall gives us visibility into the types of information that’s being exchanged on our SaaS apps. It enables us to explain to our employees that it’s not a good idea to post sensitive information. We’re a policy driven organization, and Nightfall helps us enforce our policies.”
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack, Google Drive, GitHub, Confluence, Jira, and many more via our Developer Platform.